Mercurial > hg > xemacs-beta

diff src/sequence.c @ 5891:a0e751d6c3ad

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Import the #'clear-string API from GNU, use it in tls.c src/ChangeLog addition: 2015-04-18 Aidan Kehoe <kehoea@parhasard.net> * sequence.c (Fclear_string): New, API from GNU. Zero a string's contents, making sure the text is not kept around even when the string's data is reallocated because of a changed character length. * sequence.c (syms_of_sequence): Make it available to Lisp. * lisp.h: Make it available to C code. * tls.c (nss_pk11_password): Use it. * tls.c (gnutls_pk11_password): Use it. * tls.c (openssl_password): Use it. tests/ChangeLog addition: 2015-04-18 Aidan Kehoe <kehoea@parhasard.net> * automated/lisp-tests.el: Test #'clear-string, just added. Unfortunately there's no way to be certain from Lisp that the old password data has been erased after realloc; it may be worth adding a test to tests.c, but *we'll be reading memory we shouldn't be*, so that gives me pause.
author Aidan Kehoe <kehoea@parhasard.net>
date Sat, 18 Apr 2015 23:00:14 +0100
parents e9bb3688e654
children
line wrap: on
line diff
--- a/src/sequence.c	Thu Apr 09 14:54:37 2015 +0100
+++ b/src/sequence.c	Sat Apr 18 23:00:14 2015 +0100
@@ -4154,6 +4154,52 @@
   return sequence;
 }
 
+DEFUN ("clear-string", Fclear_string, 1, 1, 0, /*
+Fill STRING with ?\\x00 characters.  Return nil.
+
+This differs from `fill' with a ?\\x00 argument in that it ensures that
+STRING's existing contents are discarded, even in the event of reallocation
+due to a change in the byte length of STRING.  In this implementation, the
+character length of STRING is not changed.
+*/
+       (string))
+{
+  Ibyte nullbyte[MAX_ICHAR_LEN];
+  Bytecount zerolen = set_itext_ichar (nullbyte, 0);
+  Charcount scount;
+
+  CHECK_STRING (string);
+
+  scount = string_char_length (string);
+
+  /* First, clear the original string data. */
+  memset (XSTRING_DATA (string), 0, XSTRING_LENGTH (string));
+
+  /* Now, resize if that's necessary, to make sure Lisp isn't confused by the
+     character length of a string changing. */
+  if (string_char_length (string) != scount)
+    {
+      Ibyte *p, *pend;
+      Bytecount delta = (zerolen * scount) - XSTRING_LENGTH (string);
+
+      resize_string (string, 0, delta);
+      p = XSTRING_DATA (string);
+      pend = p + XSTRING_LENGTH (string);
+
+      while (p < pend)
+        {
+          memcpy (p, nullbyte, zerolen);
+          p += zerolen;
+        }
+    }
+
+  init_string_ascii_begin (string);
+  bump_string_modiff (string);
+  sledgehammer_check_ascii_begin (string);
+
+  return Qnil;
+}
+
 
 /* Replace the substring of DEST beginning at START and ending before END
    with the text at SOURCE, which is END - START characters long and
@@ -8316,6 +8362,7 @@
   DEFSUBR (Fmerge);
   DEFSUBR (FsortX);
   DEFSUBR (Ffill);
+  DEFSUBR (Fclear_string);
   DEFSUBR (Fmapconcat);
   DEFSUBR (FmapcarX);
   DEFSUBR (Fmapvector);